fkie_cve-2015-0633
Vulnerability from fkie_nvd
Published
2015-02-26 01:59
Modified
2024-11-21 02:23
Severity ?
Summary
The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0633Vendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=37575Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/72760
psirt@cisco.comhttp://www.securityfocus.com/bid/85711
psirt@cisco.comhttp://www.securitytracker.com/id/1031796
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0633Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=37575Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/72760
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/85711
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031796
Impacted products
Vendor Product Version
cisco unified_computing_system 1.4
cisco unified_computing_system 1.4\(1c\)
cisco unified_computing_system 1.4\(2\)
cisco unified_computing_system 1.4\(3c\)1
cisco unified_computing_system 1.4\(3c\)2
cisco unified_computing_system 1.4\(3j\)
cisco unified_computing_system 1.4\(3k\)
cisco unified_computing_system 1.4\(3p\)
cisco unified_computing_system 1.4\(3p\)5
cisco unified_computing_system 1.4\(3s\)
cisco unified_computing_system 1.4\(4a\)
cisco unified_computing_system 1.4\(4a\)1
cisco unified_computing_system 1.4\(5b\)1
cisco unified_computing_system 1.4\(5e\)
cisco unified_computing_system 1.4\(5g\)
cisco unified_computing_system 1.4\(5g\)2
cisco unified_computing_system 1.4\(5h\)
cisco unified_computing_system 1.4\(5j\)
cisco unified_computing_system 1.4\(6c\)
cisco unified_computing_system 1.4\(6d\)
cisco unified_computing_system 1.4\(7b\)1
cisco unified_computing_system 1.4\(7c\)1
cisco unified_computing_system 1.4\(7h\)
cisco c200_m1 *
cisco c200_m2 *
cisco c210_m2 *
cisco c22_m3 *
cisco c220_m3 *
cisco c220_m4 *
cisco c24_m3 *
cisco c240_m3 *
cisco c240_m4 *
cisco c250_m1 *
cisco c250_m2 *
cisco c260_m2 *
cisco c3160 *
cisco c420_m2 *
cisco c420_m3 *
cisco c460_m1 *
cisco c460_m2 *
cisco c460_m4 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE26A38-91CF-4370-812B-7392493EFDC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(1c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F36331E2-247F-4424-8180-8CAF148C902F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D3105E-90F5-45CF-9F61-2C097C29F69F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3c\\)1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7405DFEA-AEBD-465E-9E8C-410F76ABD1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3c\\)2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DCFCAD0-6AD7-4922-8590-C5AC6FCAD07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3j\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D2EBC379-6B6E-4163-99A1-59D9EFD25617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3k\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "897BEF05-B82F-40ED-BD61-82565414B8A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3p\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9705927D-AC90-4634-B1CF-4988CBFDED1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3p\\)5:*:*:*:*:*:*:*",
              "matchCriteriaId": "48E4E069-4533-496E-AE9F-53877ECAF012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(3s\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5476F9-F175-4DF2-8008-816DCA4C37C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(4a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "52C45532-1567-431C-B34E-62DC5D06A031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(4a\\)1:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E4FCD8-4873-45FB-A6DA-2126D3162A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5b\\)1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69CC7E68-740F-43BF-A3DC-F534CA86DE57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5e\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A8C33B-F5BA-4B06-A5FA-90A3C93906E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5g\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "52006265-724E-420C-85FD-B3B36A5EBAB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5g\\)2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B134E5E-E98E-47A9-BE94-2BD18AB13EF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5h\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7352EFF1-6392-44CB-B3E8-72D9DFFD7DE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(5j\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "55C80AE3-D250-4B62-961B-6F50DA3C9C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(6c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED8A041-855A-47CB-ABCC-86F53EFFCF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(6d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA79800-A935-463F-82B4-C8A58B887A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(7b\\)1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9167071D-DE00-4C0B-AF5A-4982B74DB998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(7c\\)1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D118D6E-59F1-4E4A-BECA-92E98DCD3397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:1.4\\(7h\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7A81D53E-82E0-4008-9C45-A0FDED7C8F22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:c200_m1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74DAA02E-56F2-4CC1-97CF-00E775FDE531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c200_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BB731F-A20D-485E-B9F4-612ED6B58D59",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c210_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DFD3B18-5DCC-4E5E-A2BA-1F2F7C0D4DFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c22_m3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3270DB-AF43-4E4A-ABFF-C5AA66427AD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c220_m3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FAB8C01-31F7-4071-92FF-0AD7B40BDDDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c220_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "915CDCF7-101B-47F8-AAF5-2B4805504997",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c24_m3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "618008DA-EB84-4F7C-BE79-3C76D53FFC0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c240_m3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18ABBEBC-AF71-43EC-BE00-F77E6AF80CC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c240_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD4A3A8B-0022-4406-84D7-0A1B002E6148",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c250_m1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16EF4E36-4DD5-4C58-BE0F-DEFF81C6D438",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c250_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "242E34EB-AE1A-447F-82BB-580C5513C64E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c260_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D4502-0A1B-4D13-A1CF-5479BA802FDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c3160:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6385E303-B5AE-46B5-A2D3-23615B89B92C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c420_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EA3B25A-37CB-4DF1-B510-4E1238085D7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c420_m3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D93C23B-AAD0-44B3-8144-80B2F4EF800C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c460_m1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C48649E1-949E-47AB-9DA1-1AE99C689766",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c460_m2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9912EDFE-F113-4B71-9BE9-08E5AA7CEB12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c460_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F373F2AC-E045-447C-9ADA-60B84F016691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876."
    },
    {
      "lang": "es",
      "value": "Integrated Management Controller (IMC) en Cisco Unified Computing System (UCS) 1.4(7h) y anteriores en los servidores de la serie C permite a atacantes remotos evadir las restricciones de acceso mediante el env\u00edo de paquetes manipulados de respuestas DHCP en la red local, tambi\u00e9n conocido como Bug ID CSCuf52876."
    }
  ],
  "id": "CVE-2015-0633",
  "lastModified": "2024-11-21T02:23:26.437",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 7.8,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-02-26T01:59:00.063",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0633"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37575"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/72760"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/85711"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72760"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/85711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031796"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.